DAILY NEWS: Setembro (18/09 - 24/09) - 38 Semana de 2022

Cyber Security and Information Security News - Daily Updates !! Weekly Review

24/09


15 Year Old Python Bug Let Hacker Execute Code in Code 350k Python Projects


American Airlines learned it was breached from phishing targets


Criminals are using QR codes to target victims - how to avoid 'most insidious' scam


Hackers Exploited Zero-Day RCE Vulnerability in Sophos Firewall — Patch Released


Israel Bolsters Digital Defense Amid Iran Cyber Threat – Analysis


Landbank warns of phishing scam via Google Ads search


London Police Arrested 17-Year-Old Hacker Suspected of Uber and GTA 6 Breaches


Microsoft SQL servers hacked in TargetCompany ransomware attacks


OneTouchPoint data breach investigation: Who’s affected?


Optus confirms customer data breach, says passport data may be affected


Optus issues data scam alert to customers


Ransomware attacks on healthcare organizations have devastating results for providers & patients


Some Questions answered by the GTA 6 Leaks and others left hanging


Take-Two confirms cyber attack on 2K Games


TAP cyberattack: Portuguese president's personal data stolen


What is a cyber insurance policy? Should you buy one?


23/09


As Cyberattacks Intensify, Orgs Don’t Report Incidents


Australian Telecoms company Optus discloses security breach


Beware fake anti-virus reviews


CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability


Critical ManageEngine RCE flaw is being exploited (CVE-2022-35405)


Cyber attack threat: Dumfries and Galloway Council on alert


Cyber Security & Cloud Expo: Examining the 2022 malware landscape


Cyprus and Romania build ties on cybersecurity, innovation and entrepreneurship


Europol "Hackathon" Identifies Scores of Human Trafficking Victims


Fake Indian Banking Rewards Apps Targeting Android Users with Info-stealing Malware


Firing Your Entire Cybersecurity Team? Are You Sure?


Hackers Using Malicious OAuth Apps to Take Over Email Servers


How does identity crime affect victims?


Learn How To Be A Good Hacker With The 2023 Cyber Security Ethical Hacking Bundle With 98% Off


Massive cyber attack in Australia; nearly 10 million people affected


Microsoft shares workarounds for Windows Group Policy issues


Mitigating the cybersecurity crisis for the school year ahead


Multi-million dollar credit card fraud operation uncovered


NSA Reveals "Hackers' Playbook" for OT Attacks


Optus cyber-attack could involve customers dating back to 2017


Optus Cyber-attack | What You Need to Know


Revolut hit by ‘highly targeted’ cyber attack


Risk management focus shifts from external to internal exposure


Seven-Year Mobile Surveillance Campaign Targets Uyghurs


Supply chain cyber security series


The Central Securities Clearing System (CSCS), regulators, others set to tackle cyber security challenges


This image contains its own MD5 checksum — and it's kind of a big deal


Void Balaur Hackers-for-Hire Targeting Russian Businesses and Politics Entities


Why MFA matters: These attackers cracked admin accounts then used Exchange to send spam



22/09


15-Year-Old Unpatched Python Vulnerability Potentially Affects Over 350,000 Projects


Authorized Push Payments Surge to 75% of Banking Fraud


BlackCat ransomware’s data exfiltration tool gets an upgrade


Critical Magento vulnerability targeted in new surge of attacks


Customers’ personal data stolen as Optus suffers massive cyber-attack


Data Stolen: TAP Air Portugal Suffers Cyberattack


Fake Banking Rewards Apps Install Info-stealing RAT on Android Phones


Google Chrome users looking to download pirated software at risk of new malware infection


Hackers stealing GitHub accounts using fake CircleCI notifications


Hackers Targeting Unpatched Atlassian Confluence Servers to Deploy Crypto Miners


How to Prevent Ransomware as a Service (RaaS) Attacks


Iranian Hackers Hid in Albanian Networks for Over a Year


IT Security Takeaways from the Wiseasy Hack


Los Angeles school district receives ransom demand from Labor Day weekend cyberattacker


Malicious NPM Package Caught Mimicking Material Tailwind CSS Package


Microsoft Exchange servers hacked via OAuth apps for phishing


Morgan Stanley Fined $35m By SEC For Data Security Lapse


National Security Agency (NSA) shares guidance to help secure OT/ICS critical infrastructure


Nelnet loan service data breach: What you should know


OpIran – Anonymous Hits Iranian State Sites, Hacks Over 300 CCTV Cameras


Optus attack exposes customer information


Optus data breach: who is affected, what has been taken and what should you do?


Optus Hit By Cyber-Attack, Breach Affects Nearly 10 Million Customers


Preventing the Recruitment of Insider Threat Actors


Python tarfile vulnerability affects 350,000 open-source projects (CVE-2007-4559)


Researchers Disclose Critical Vulnerability in Oracle Cloud Infrastructure


Researchers Uncover Years-Long Mobile Spyware Campaign Targeting Uyghurs


Russia-Based Hackers FIN11 Impersonate Zoom to Conduct Phishing Campaigns


SMBs vs. large enterprises: Not all compromises are created equal


Threat actors have their insider threats, too


Three Iranian Nationals Charged in Critical Services Scheme


Twitter Password Reset Bug Exposed User Accounts


Uber hack reveals key security lapses; here’s how firms can avoid them


Up to 9 million Aussies affected in major Optus data breach


US Agency Broke Into China’s Telecom Networks, State Media Says


US’ NSA infiltrates China’s data infrastructure in cyberattack on leading university


Waterloo Region District School Board (WRDSB) lawyer clarifies police timeline in cyber attack


What you need to know about Evil-Colon attacks


21/09


2K Games Support Desk Hacked, Phishing Emails Sent To Certain Players


2K warns of cyber attack of its customer support


3 free Linux security training courses you can take right now


4 key takeaways from “XDR is the Perfect Solution for SMEs” webinar


20/20 visibility is paramount to network security


350K Open-Source Projects At Risk of Supply Chain Vulnerability


Agent-based vs. agentless security: Pros and cons


American Airlines confirms data breach exposing some customers’ data


Best practices to bolster software supply chain security


ChromeLoader, what took you so long? Malvertising irritant now slings ransomware


Companies Without Zero Trust Could Lose $1M More During a Data Breach


Critical Remote Hack Flaws Found in Dataprobe's Power Distribution Units


Crypto Trading Firm Wintermute Loses $160 Million in Hacking Incident


DDoS and bot attacks in 2022: Business sectors at risk and how to defend


Domain shadowing becoming more popular among cybercriminals


FBI: Iranian hackers lurked in Albania’s govt network for 14 months


Is $15.6 billion enough to protect critical infrastructure?


LinkedIn Smart Links abused in evasive email phishing attacks


LockBit ransomware builder leaked online by “angry developer”


Malwarebytes mistakenly blocks Google, YouTube for malware


Microsoft Upgrades Windows 11 With New Security Features


Multiple Vulnerabilities Discovered in Dataprobe's iBoot-PDUs


NCSC: British Retailers Need to Move Beyond Passwords


New York Racing Association confirms hack by Hive ransomware group


Ninety Percent of Organizations Struggle with Ransomware


Open Source Repository Attacks Soar 700% in Three Years


Over 39,000 Unauthenticated Redis Instances Found Exposed on the Internet


Record DDoS Attack with 25.3 Billion Requests Abused HTTP/2 Multiplexing


Security lessons to learn after the Uber data breach


South Redford Schools closed again after cyber attack


Survey Reveals the Severity of Cloud Security Challenge


The explosion of data is beyond human ability to manage


The Multi-Cloud is The New Normal, But Creates Key Security Challenges


The rise of ‘PhaaS’ — and a roadmap to mitigate ‘Phishing-as-a-Service’


Twitter failed to log you out of all devices after password resets


Two-Fifths of US Consumers Suffer Personal Data Theft


Unpatched 15-year old Python bug allows code execution in 350k projects


U.S. Adds 2 More Chinese Telecom Firms to National Security Threat List


US to award $1B to state, local, and territorial governments to improve cyber resilience


Video Game Publisher Admits Helpdesk Was Hijacked


What Is Ransomware? A Guide to Ransomware Prevention and Removal


Why Zero Trust Should be the Foundation of Your Cybersecurity Ecosystem


Windows 11 gets better protection against SMB brute-force attacks


20/09


American Airlines Admits Data Breach


American Airlines Breach Exposes Customer and Staff Information


American Airlines hit by data breach


American Airlines says data breach affected some customers, employees


Brexit: ‘No known data breaches’ of EU citizens’ digital status since programme launch, minister claims


Cash Express, LLC Files Notice of Data Breach Following Unauthorized Access to the Company’s IT Network


City Furniture, Inc. Files Notice of Data Breach


Common medical devices ripe for cyberattack, LTC prone to security breaches


Critical Vulnerability in Oracle Cloud Infrastructure Allowed Unauthorized Access


Cyber Threat Detection: The First Layer of Defence in Depth


Cyber Security Awareness Master Plan to be ready in 2023: MKN


Europol and Bitdefender Jointly Release LockerGoga Decryptor


Game dev 2K’s support site hacked to push malware via fake tickets


Grand Theft Auto Publisher Rockstar Games Hacked


GTA 6: FBI investiga suposto hacker da Rockstar


Hacker da Uber afirma ter invadido jogos da Rockstar e lançado vídeos de GTA 6


Hackers invadem empresa de criptomoedas e roubam R$ 800 milhões


Hackers steal $162 million from Wintermute crypto market maker


Holiday Inn hotel chain hit by cyber attack


How can organizations benefit from full-stack observability?


How to activate Lockdown Mode on macOS Ventura


HowTo: Defend the Legal Sector from Insider Threats


Indonesia finally passes personal data protection law


Kiwi Farms Website Hacked! Admin Warns of Data Leak


Lapsus$, grupo hacker que derrubou a Microsoft, agora ataca fabricante do “GTA 6”


MFA Fatigue: Hackers’ new favorite tactic in high-profile breaches


New CFIUS Executive Order Clarifies Review Factors for Evolving National Security Landscape


NY Ambulance Service Suffers Healthcare Data Breach, 318K Impacted


Open-source software usage slowing down for fear of vulnerabilities, exposures, or risks


Organizations Lack Visibility Into Cloud Access


PebblePad achieves new ISO and cyber-security accreditations


Phishing attacks targeting US government have evolved in sophistication, Confense reports


Plans for the EU-wide Cyber Resilience Act have been unveiled


Ransomware attack at NY emergency service prompts data breach


Ransomware attacks have nearly doubled since 2020, according to GetApp


Revolut Breach May Have Hit 50,000+ Customers


Revolut data breach: 50,000+ users affected


Revolut mobile banking startup confirms data breach of 50,000 users


Ripple effects of ransomware attack against Suffolk County continue more than a week later


Russian Sandworm Hackers Impersonate Ukrainian Telecoms to Distribute Malware


Social Engineering: How A Teen Hacker Allegedly Managed To Breach Both Uber And Rockstar Games


SpyCloud Report: Despite Increased Spend on Ransomware Mitigation, 90% of Companies Affected in the Last Year


Take cybersecurity out to where employees and data are coming together


The 25 most popular programming languages and trends


The Innovative CEO Of An Automotive Cyber Security Company


The rise of attacks on critical infrastructure


Third-Party Risk in the Cloud


Uber Blames Lapsus$ for Breach


Uber Blames LAPSUS$ Hacking Group for Recent Security Breach


Uber hit by significant cyber attack


Uber says Lapsus$ gang is behind the recent breach


While Hackers Eye Small Businesses, Ransomware Attacks Decline


Wintermute, market maker cripto, perde US$ 160 milhões com ataque hacker a operação DeFi


19/09


Akamai APJ Ransomware Report H1 2022 - Summary


Alleged Grand Theft Auto 6 (GTA6) gameplay videos and source code leaked online


Cisco admits that the Yanluowang ransomware gang stole data from its network


Critical Infrastructure Takes Center Stage


Crypto giveaway scams continue to escalate


Emotet Botnet Started Distributing Quantum and BlackCat Ransomware


Europol and Bitdefender Release Free Decryptor for LockerGoga Ransomware


Experts warn of critical flaws in Flexlan devices that provide WiFi on airplanes


Google, Meta FINED about US$72 million in South Korea for data breach


GTA 6 in-development footage leaked, hack still unconfirmed


GTA 6 leaked: Hacker leaks over 90 gameplay videos showcasing alleged build


Hackers target gamers in SA, Kenya


High severity vulnerabilities found in Harbor open-source artifact registry


How to Know if You’ve Been Caught up in a Data Breach, and What You Can Do About It


Indonesia hunts for Bjorka, hacker selling 1.3b SIM card users’ data, taunting officials


It’s 2022 – Are Passwords Still Important?


LastPass publishes details of the cyber attack it received


Microsoft Teams' GIFShell Attack: What Is It and How You Can Protect Yourself from It


Microsoft Warns of Large-Scale Click Fraud Campaign Targeting Gamers


Most critical security gaps in the public cloud


Pacific Asia Travel Association (PATA) cautions on mailing list scam


Prevention remains best strategy when dealing with cyber risks - Lewis Clark


Revolut Bank reveals that it has suffered a data breach on its data security


Revolut hack exposes data of 50,000 users, fuels new phishing wave


SaaS Security Issues Driven by Sprawl, Lack of Visibility


Schrodinger’s Misconfigurations


Securing your Apple device front through unified endpoint management


Starbucks SG involved in data breach


TeamTNT is back and targets servers to run Bitcoin encryption solvers


The benefits of digital trust


The impact of location-based fraud


The Security Awareness Of People Is The Important Firewall In IT


Trend Micro warns of attack surge, targets more sectors


Uber Hacker Claims To Have Hacked Rockstar Games, Releases GTA 6 Videos


What do SOC analysts need to be successful?


Where to Find the Best Healthcare Software Developers


18/09


Após leak de GTA 6, suposto hacker quer negociar código fonte de GTA 5


AWS misconfiguration exposes the data of Indian government and universities including Banaras Hindu University


Indonesia hunts for Bjorka, hacker selling 1.3b SIM card users' data, taunting officials


Bangladesh is at serious risk of cyber crimes


CERT-In issues new advisory for smartphone users as cybercrime cases rise


ClearBalance, Bricker & Eckler settle data breach lawsuits involving patient data


Deleted popular hotel chain’s data ‘for fun,’ claims hacker couple


Elder fraud is real. Tell your parents, grandparents and friends about these scams


GTA 6 Hacker Claims He Also Hacked Into Uber


GTA 6 hacker has access to source code, shares 10K lines of code


Hacker couple erased hotel group's data for fun: Report


Hacker Couple Who Erased Hotel Chain Data Mock Terrible Password


Hacker quer vazou gameplays do GTA 6 quer negociar acordo com a Rockstar para não fazer mais vazamentos


Hacker que vazou vídeos do GTA 6 divulga 10 mil linhas de código do jogo e ameaça fazer mais vazamentos


Hunt on for hacker who leaked over one billion Indonesians’ data


Large cache of GTA 6 development footage may have leaked online


Lloyds Bank issues alert on council tax scam targeting 'anyone with an email account'


Malvertising: How to avoid falling for these malware-infested ads


Microsoft Teams deemed unsafe to use by security researchers


Piracy Advertising Researchers Fall Victim to Ransomware Attacks


Starbucks Singapore’s Database Gets Breached


Staying ahead of scammers an opportunity for S'pore to boost its financial reputation: Experts


TeamTNT hijacking servers to run Bitcoin encryption solvers


The Storage Manager’s Quick-Guide to Ransomware Resiliency


Uber Data Breach: Company Says No Private Users' Data Compromised


Uber probing data breach incident involving ‘internal systems’


Uber says services are operational following data breach


Watford Community Housing denies scam calls due to data breach


What is Sova virus? All you need to know about the new mobile banking virus


What to do if you were a corporate hack victim



DAILY NEWS: Setembro (11/09 - 17/09) - 37 Semana de 2022

Who am I...

Apenas um amante da tecnologia e da Segurança da Informação. Hacker ? Até que prove ao contrário não.. Profissional ? Sim.. Mais de 20 anos no mercado de Segurança da Informação sempre atuando em grandes Empresas.

 

Levantando a bandeira de que hacker é um profissional e especialista naquilo que ele faz. Hacker é um especialista, um pesquisador, um profissional como outro qualquer.

Skatista, músico e fotógrafo de instagram nas horas vagas....

Procurar por Tags
Pelo Mundo Afora...
  • Twitter Social Icon
  • LinkedIn Social Icon